Cyber security need not cost a fortune, says researcher

Organisations can bolster their cyber security without incurring huge costs by tapping into free resources and following best practices, according to a security researcher.

There are many low-cost and no-cost things organisations can do to improve their cyber security posture, according to Lancaster University cyber security researcher Adrian Venables.

Cost is one of the main reasons organisations put off addressing cyber security threats, he said, alongside perceptions that it is too complex to tackle or that security suppliers are simply using fear to make money. There is also the mistaken belief by organisations that they are unlikely to be hit by a cyber attack.

“Many organisations are either putting their heads in the sand or dismissing it as a non-issue,” Venables told Cybercon 2017 in Plymouth.

There is also the mistaken belief by organisations that they are unlikely to be hit by a cyber attack.

Venables, who is a former regular and now reservist British naval officer, said organisations should be making use of the advice and best practice guidelines that are available free of charge.

“Organisations can use these resources from academia and government to ensure they are better informed about cyber security so that they can allocate budget more wisely and effectively,” he said.

By being better informed, organisations can ensure they have the most appropriate cyber security policies in place, which can also be done free of charge, he said.